Phase:The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
ReferencesCERT-VN:VU#315308 | URL:http://www.kb.cert.org/vuls/id/315308 | XF:ssh-idea-modify-packets(6472) | URL:http://xforce.iss.net/xforce/xfdb/6472
Votes:Assigned (Thursday, April 21, 2005)
Comments:None (candidate not yet proposed)
F7: